System and method for visualizing and measuring software assets

ABSTRACT

The present disclosure provides generally for a system and method for visualizing and measuring software assets. According to the present disclosure, the system interacts through an API to discover and populate all software applications within an organization in an interface that provides the user real-time information regarding the software applications. The system may provide real-time insights within an organization at all levels, with real-time feedback and metrics on what software there is, how software is being used, and software management options.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims priority to and the full benefit of U.S. Provisional Patent Application Ser. No. 62/490,005, filed Apr. 25, 2017, and titled “SYSTEM AND METHOD FOR VISUALIZING AND MEASURING SOFTWARE ASSETS”, the entire contents of which are incorporated in this application by reference.

BACKGROUND OF THE DISCLOSURE

Software is used to facilitate and simplify a variety of tasks unique to each industry with the hope of keeping the daily, weekly, monthly, quarterly, and yearly goals and tasks of a business manageable. This is particularly important where there may be thousands of employees to keep track of, innumerable daily tasks to complete, and shifting goals within any given hour. Because of all the moving parts involved in managing a business, companies usually use more than one software program to stay apprised of their tasks and goals. Some even develop custom software to achieve their goals. Each individual program may be tuned to solve a different particular need and provide a different solution. A company or organization may use programs interchangeably, or use different ones to solve the same need in a different way. As a company grows or changes, so too do its software needs. If the software it is using does not meet these needs, the search for software that serves its aims begins again, while other software remains untouched, unused, or underused within the organization.

Organizations and companies may also have systems and solutions built without explicit organizational approval or software not installed by the information technology (IT) department. Typically, shadow IT solutions do not align with an organization's requirements for control, documentation, security, and reliability, creating compliance issues down the line. Shadow IT can also add hidden costs to organizations, create inconsistencies within programs and projects due to the lack of uniformity between programs, produce security vulnerabilities, and cause inefficiencies within a company. Enterprise IT expenditures continually move outside the direct control of IT departments.

This results in a growing list of software to monitor, update, and maintain. If a company continues to experiment with applications or programs to help them on a daily basis, it is only natural that some will fall by the wayside. As a result of these concerns, information technology asset management (ITAM) serves to help businesses make strategic decisions within the IT environment, focusing on supporting life cycle management for software and hardware. One of the goals of ITAM is to help organizations manage their systems more effectively while saving time and money to avoid unnecessary future purchases. ITAM has the potential to stop projects from progressing that have inaccurate or old information.

Another aspect of ITAM is application lifecycle management (ALM) of computer programs, which helps a business manage and optimize the purchase, installation, implementation, maintenance, utilization, and removal of software applications within an organization. ALM focuses on effective management practices by controlling and protecting software to limit risk and exposure while increasing IT responsiveness and end-user productivity. For example, ALM may track license expirations for companies so companies operate within software compliance regulations. However, the role of an ALM program within an organization can vary widely based on a variety of factors, such as portfolio size, existing infrastructure, and available resources. Many ALM programs focus on reallocating underutilized software licenses within the company, enforcing compliance with terms and conditions, automating IT processes, and improving worker productivity.

SUMMARY OF THE DISCLOSURE

What is needed is a user-friendly, intuitive visualization system that provides a method for real-time insight to users within an organization at all levels, with real-time feedback and metrics on what software there is, how software is being used, and software management options. These users may collaborate with others across the organization within the system to implement changes, brainstorm further ideas on managing software or projects, track progress, and rapidly effect change in the organization within their permission levels. As an organization accrues software, the software itself may be ranked, evaluated, or graded based on usability, reliability, benchmarks, and other factors. Upon installation, the system may integrate with whatever other software is in the system through an application programming interface (API) or hardware installed on-site to provide a fuller picture of what software a company has and how the software is being used.

These insights and functionality may be available within one central location, such as a dashboard interface, that may be accessed by anyone within an organization. Depending on the user's position within a team or within an organization, they may have access to multiple sources of information for a team. For example, a user may have access to budgeting or forecasting tools, product management tools, or operation tools. A user may create reports on each aspect that they would like to drill into, with the program able to identify risks the user should be aware of while providing actionable items that a user may set into motion immediately, by the system's recommendation, or at a time to be implemented by the system. These reports may also provide information on schedules, projects, internal team or external vendor productivity, what software has had issues, and event tracking.

The present disclosure relates to a software business management system for visualizing and measuring software assets, wherein the system may include a discovery tool installable on one or more organization servers, an integration engine, and an analytics engine. In some aspects, the discovery tool may be configured to access an organization environment; identify a plurality of organization applications; monitor the plurality of organization applications; and collect organization application data. In some embodiments, the integration engine may be configured to convert or translate the organization application data into universal data, where the universal data includes a common format; and store the universal data in an external data warehouse. In some implementations, an analytics engine may be configured to access the external data warehouse and analyze the universal data, where an analysis output includes insights related to the plurality of organization applications.

In some aspects, the organization application data may comprise user-generated data. In some embodiments, the discovery tool may be further configured to score the plurality of organization applications. In some implementations, the discovery tool may be further configured to identify inventory within the organization environment; monitor the inventory; and collect inventory data. In some aspects, the analysis may include a performance analysis of at least a portion of the organization applications. In some embodiments, the system may comprise an administrative interface, where the analytics engine may be further configured to create reports based on the insights, and where the reports are viewable in the administrative interface.

In some aspects, the system may further include at least one authentication mechanism, where the at least one authentication mechanism may secure a transmission of organization application data from the organization servers to the external data warehouse. In some embodiments, the scanner may be further configured to transmit at least a portion of the organization application data to the external data warehouse. In some implementations, the analysis may include identifying outlier data within the universal data and separating the outliers into acceptable departures and unacceptable departures. In some embodiments, the analysis may include a software decay assessment of at least one of the plurality of organization applications, where the software decay assessment may be based at least in part on the outlier data.

In some implementations, the present disclosure may relate to a method for visualizing and measuring software assets, where the method may include the method steps of: accessing an organization environment; identifying a plurality of organization applications; monitoring the plurality of organization applications; collecting organization application data; converting or translating the organization application data into universal data, where the universal data includes a common format; storing the universal data in an external data warehouse; and analyzing the universal data, where an analysis output includes insights related to the plurality of organization applications.

In some embodiments, the organization application data may include user-generated data. In some aspects, the method may comprise scoring the plurality of organization applications. In some implementations, the method may comprise identifying inventory within the organization environment, monitoring the inventory, and collecting inventory data. In some aspects, the analysis may include a performance analysis of at least a portion of the organization applications. In some implementations, the method may further include creating one or more reports based on the insights, where the reports may be viewable in the administrative interface. In some embodiments, the accessing may occur through at least one authentication mechanism, where the at least one authentication mechanism may secure a transmission of organization application data from the organization servers to the external data warehouse.

In some implementations, the method may further include transmitting at least a portion of the organization application data to the external data warehouse. In some aspects, the analyzing may include identifying outlier data within the universal data and separating the outliers into acceptable departures and unacceptable departures. In some embodiments, the analyzing may further include a software decay assessment of at least one of the plurality of organization applications, where the software decay assessment may be based at least in part on the outlier data.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings that are incorporated in and constitute a part of this specification illustrate several embodiments of the disclosure and, together with the description, serve to explain the principles of the disclosure:

FIG. 1 illustrates a functional block diagram of an exemplary software business management system.

FIG. 2 illustrates an exemplary software business management system infrastructure.

FIG. 3 illustrates exemplary method steps for software business management.

FIG. 4 illustrates exemplary software business management graphical user interface (GUI).

FIG. 5 illustrates exemplary software business management graphical user interface (GUI).

FIG. 6 illustrates apparatus that may be used to implement aspects of the present disclosure including executable software.

FIG. 7 illustrates an exemplary scanner for use in a software business management system.

FIG. 8 illustrates an exemplary API for use in a software business management system.

FIG. 9 illustrates an exemplary data warehouse for use in a software business management system.

FIG. 10 illustrates an exemplary analysis engine for use in a software business management system.

FIG. 11 illustrates an exemplary computer device for use with a software business management system.

FIG. 12 illustrates an exemplary black box for use in a software business management system.

FIG. 13 illustrates an exemplary processing and interface system.

DETAILED DESCRIPTION

The present disclosure provides generally for a system and method for visualizing and measuring software assets. According to the present disclosure, the system interacts through an API to discover and populate all software applications within an organization in an interface that provides the user real-time information regarding the software applications. The user is provided with a variety of options for navigating and acting on these applications, described below.

In the following sections, detailed descriptions of examples and methods of the disclosure will be given. The description of both preferred and alternative examples, though thorough, is exemplary only, and it is understood to those skilled in the art that variations, modifications, and alterations may be apparent. It is therefore to be understood that the examples do not limit the broadness of the aspects of the underlying disclosure as defined by the claims.

Glossary

-   Insight: as used herein refers to data obtained or derived that, once analyzed, allows a software business management system to provide actionable information about the software being analyzed. Insights may include cost, quality, risk and security vulnerabilities that may be associated with a particular application, type of platform, or user group, as non-limiting examples.
-   Inventory Discovery: as used herein refers to a discovery tool that may be integrated into a system, wherein the discovery tool may identify, locate, and monitor stored files and data. Inventory discovery may allow an organization to have visibility of data throughout applications and users.
-   Software Discovery: as used herein refers to a discovery tool that may be integrated into a system, wherein the discovery tool may identify, locate, and monitor software that may interface with the system. In some aspects, the discovery tool may identify one or both of software stored within the system or software that interfaces with the systems.
-   Software Decay: as used herein refers to decreasing effectiveness of software over time. In some aspects, software decay may significantly impact the usefulness of the software, which may create susceptibility and inefficiencies in a business. Identifying and isolating software decay may allow a business to directly address the software decay, such as by excising, replacing, or updating the software.
-   Software Governance: as used herein refers to a business concept specific to the rules, procedures, and requirements for how a company or organization may use software within their business model. In some organizations, employees and contractors at a variety of levels may have the capability to install or edit software on business systems. Software governance may allow an organization to control and monitor software installed in the system. Software governance may allow an organization to maintain compliance with industry regulations, such as the Payment Card Industry Data Security Standard (PCI) or Health Insurance Portability and Accountability Act (HIPAA) compliance.
-   Software Business Management: as used herein refers to a business management system based on software applications utilized by the business, wherein software analytics may be used to develop business strategy related to the implementation of software within the business. In some aspects, software governance may comprise a rule set, and software business management may comprise the strategy.
-   Score: as used herein refers to a derived metric that may represent the relative value score of a software application. In some aspects, inputs to calculating the score may be normalized data values from a data warehouse. In some embodiments, the output of the score calculation may be a point-in-time numerical value that may be useful to compare applications to one another. In some implementations, the score may factor in metrics such as the size, quality, risk, activity, and performance of the application.
-   Product Economics: as used herein refers to the process of determining the economics of a product in its current state while considering cost and net benefit. In some aspects, product economics may allow software business management system to define the cost necessary to maintain current net benefit, allowing for a determination as to whether the economics of the current product may be improved by either increasing net benefit or reducing cost necessary to achieve better economics.
-   Economic Modeling: as used herein refers to an activity focused on understanding product economics in specific scenarios. For example, a company may be considering spinning out an internal application into its own product/company. Used internally, the product may have a different economic model than if spun out of the organization.
-   Threat Intelligence: as used herein refers to the potential security vulnerabilities that may be found in either the software or the dependencies, tools, frameworks or languages used to create the software.
-   Software Development Life Cycle (SDLC): as used herein refers to a dashboard of information allowing technology leaders to see how well their entire software development organization may be performing.

Referring now to FIG. 1, a functional block diagram of an exemplary software business management system 100 is illustrated. In some embodiments, a software business management system 100 may comprise an analytics tool designed to provide insight specific for organizations dependent on software within their organization. In some aspects, insight may allow companies to benefit from the use of custom software from valuation to benchmarking. In some implementations, metrics may guide organizations to achieving a higher value business through better decision making around their customer software assets.

In some aspects, software business management may rely on data, which may comprise a variety of forms from a range of sources, including, for example, external APIs 180, external databases, system API 130, and user-provided data.

Some examples of external API 180 sources may include source control management (SCM), work item tracking (WIT), time tracking, build servers, application performance monitoring (APM) tools, error logs, static code analysis (SCA) tools, cloud providers, and any other data sources surrounding software development and management that have APIs available. In some aspects, authentication may be used to connect to these external APIs 180 to limit storage of sensitive credentials. For example, authentication mechanisms may include shared access signatures (SAS), personal access tokens, and API keys, as non-limiting examples.

External databases may include vulnerability databases, dependency repositories, product version data, open source code repositories, and other similar sources of data about software versions and vulnerabilities that are externally maintained.

In some aspects, a system API 130 may serve three primary functions: to allow customers to push data into the software business management system 100 via organization applications, to enable a software business management system scanner 140 to push data into the software business management system 100 from behind an organization's firewall, and to allow customers to pull data out of the software business management system 100 for reporting purposes. In some embodiments, the software business management system scanner 140 may comprise an application that may run at build time on an organization's build server to analyze their source code, binaries, and configuration to glean useful information, such as framework versions, dependencies, database discovery, as non-limiting examples. In some aspects, the software business management system scanner 140 may take this information and push it into the software business management system 100 via the software business management system API 130. In some embodiments, plug-ins may be used for various build servers to facilitate the adoption of the software business management system scanner 140.

In some aspects, the software business management system scanner 140 may be installed on organization build servers. The software business management system scanner 140 may apply standard and proprietary algorithms to organization source code, which may be used to generate data for an analysis engine 150. The software business management system scanner 140 may be useful where an organization may not permit their source code to leave the organization environments. In some aspects, the software business management system scanner 140 may exist within the organization environments and constantly analyze the source code. From there, the software business management system scanner 140 may push the generated or computed data, in contrast to source data, up to a data warehouse 120, which may utilize secure connections.

In some aspects, the software business management system may receive user-provided data, which may include manually entered data that a user 170 may input via a software business management system UI 160. For example, user-provided data may comprise a cost worksheet with costs needed to develop and run an application, collaboration discussions, key events, and portfolio assignments.

In some embodiments, receipt of data may initiate analysis. In some aspects, additional data access may expand the analytic capabilities of the software business management system 100. In some implementations, the data may be converted or translated via the software business management system integration engine 110 into a common, unified format in the software business management system data warehouse 120. An integration engine 110 may allow for universal treatment of different data providers despite them having different forms of APIs 130.

Once the data is in a unified format in a software business management system data warehouse 120, the software business management system analysis engine 150 may apply mathematical and statistical algorithms to the data to extract meaningful information. The algorithms may span from simple summations over a time series to machine learning (ML) algorithms such as Naïve Bayes classifiers and least squares linear regression, as non-limiting examples. In some embodiments, the analysis engine 150 may be programmed to detect outliers in data that may represent a mere departure from the norm or a severe cause for concern.
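As an added illustration that is not part of the original disclosure, the following Go sketch shows one way an analysis engine could separate outliers into acceptable and unacceptable departures. The disclosure names no algorithm for this step; the modified z-score (median and median absolute deviation), the thresholds 3.5 and 10, the function names, and the sample series are all assumptions made for the example.

```go
package main

import (
	"fmt"
	"math"
	"sort"
)

// Departure labels one observation. The three-way split mirrors the
// disclosure's "acceptable" and "unacceptable" departures; names are hypothetical.
type Departure int

const (
	Normal Departure = iota
	Acceptable
	Unacceptable
)

// median returns the median of v without modifying the caller's slice.
func median(v []float64) float64 {
	s := append([]float64(nil), v...)
	sort.Float64s(s)
	n := len(s)
	if n%2 == 1 {
		return s[n/2]
	}
	return (s[n/2-1] + s[n/2]) / 2
}

// Classify scores each point by its distance from the median, scaled by a
// robust spread estimate, and buckets it against two thresholds (assumed
// values chosen by the operator): warn <= score < severe is an acceptable
// departure, score >= severe is an unacceptable one.
func Classify(series []float64, warn, severe float64) []Departure {
	out := make([]Departure, len(series))
	if len(series) == 0 {
		return out
	}
	med := median(series)
	dev := make([]float64, len(series))
	sum := 0.0
	for i, x := range series {
		dev[i] = math.Abs(x - med)
		sum += dev[i]
	}
	// MAD/0.6745 estimates the standard deviation for normal data and is
	// not dragged upward by the outliers themselves.
	scale := median(dev) / 0.6745
	if scale == 0 {
		// More than half the points equal the median: fall back to the
		// mean absolute deviation, scaled by sqrt(pi/2).
		scale = 1.253314 * sum / float64(len(series))
	}
	if scale == 0 {
		return out // every value is identical, nothing departs
	}
	for i, d := range dev {
		switch z := d / scale; {
		case z >= severe:
			out[i] = Unacceptable
		case z >= warn:
			out[i] = Acceptable
		}
	}
	return out
}

func main() {
	// Constructed sample: weekly error-log counts for one application.
	weekly := []float64{12, 14, 13, 15, 11, 13, 14, 22, 12, 13, 95, 14}
	labels := []string{"normal", "acceptable departure", "unacceptable departure"}
	for i, d := range Classify(weekly, 3.5, 10) {
		if d != Normal {
			fmt.Printf("week %d: %.0f -> %s\n", i+1, weekly[i], labels[d])
		}
	}
}
```

A median-based scale is used here because a mean and standard deviation computed over the same series would be inflated by the very spike being tested.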

In some aspects, the detections may be transformed into insights that may be presented to the user 170 as alerts. Users 170 may also receive email notifications of insights as they are discovered. The output of this analysis may be made available to the software business management system UI 160 for use in charts and other visualizations.

Referring now to FIG. 2, an exemplary software business management system infrastructure 200 is illustrated. In some aspects, organization software 260, 270, 280, 290, 295 may be analyzed by a series of analytic and management mechanisms 210, 220, 230, 240. In some aspects, at 210, application lifecycle management and software integration analysis and management may occur. At 220, software quality analytics, software quality measurement, and software development analytics and management may occur. At 230, application performance management and application performance monitoring may occur. At 240, application portfolio management and project portfolio management may occur.

In some embodiments, a software business management system 250 may access and monitor fully-contained software 260, wherein the system API may store and control the fully-contained software 260. In some aspects, the software business management system 250 may access partially-controlled software 270, 280, wherein a portion of the partially-controlled software 270, 280 may be located within the software business management system. In some implementations, the software business management system 250 may access linked software 290, 295, which may interface through a partially-controlled software, fully-contained software, through an authorization mechanism, or combinations thereof. In some embodiments, the software business management system 250 may monitor software for inefficiencies.

In some aspects, the software business management system 250 may expedite access to more complete information as it relates to the technology in question. In some embodiments, the software business management system 250 may use static code analysis to perform code analysis. In some implementations, the software business management system 250 may integrate with existing tools used within an organization. In some aspects, once integrated, the software business management system 250 may develop economic models for products within the organization. In some embodiments, the software business management system 250 may provide a value-at-risk for each product within the economic models developed for each product.

For example, a buy-side organization in a merger and acquisition may collaborate with a sell-side organization by using the software business management system 250. The software business management system 250 may allow these sides access to see information gathered in a due diligence phase, track the diligence process, and discover where teams have remediation plans to improve code. The software business management system 250 may measure economic models over time to provide greater insight for the negotiations. This may allow for more successful merger and integration phases.

As another example, an incoming chief officer of a company typically has due diligence and transparency obligations coupled with objective data and collaboration needs. The software business management system 250 may provide onboarding and insight to the incoming officer regarding the software portfolio's current state and value without the learning curve associated with a chief officer's first 100 days. In some implementations, this may come in the form of the software business management system 250 identifying the strategic opportunities, portfolio strengths and weaknesses, and where to invest for the chief officer.

Referring now to FIG. 3, exemplary method steps for software business management are illustrated. At 305, organization applications may be accessed. In some aspects, an authorization mechanism may be required. At 310, organization applications may be identified, such as through software discovery. At 315, organization applications may be normalized. In some implementations, scoring may allow for universal comparison between different platforms, application types, and application brands. At 320, normalized data may be stored, and at 325, organization applications may be monitored. At 330, an analytic input may be received, and at 335, insight may be reported.

In some aspects, inventory discovery may identify and locate files associated with or stored through organization applications. In some embodiments, at 325, the monitoring may detect software decay, which may identify applications that may be losing effectiveness. Loss of effectiveness may be caused by one or more factors, such as outdated software, outgrowing the limitations of the software, changing platforms, new software with overlapping functionality, a decrease in the need for or use of the software, frequent crashes, error logs, or incompatibility, as non-limiting examples.

Referring now to FIG. 4, an exemplary software business management graphical user interface (GUI) 400 is illustrated. In some aspects, a software business management GUI 400 may present general monitoring visualizations 410 for one or more of the organization applications and snapshot analytics 420 that may present information that a user or organization may consider a priority. The software business management GUI 400 may comprise a user menu 430, which may allow a user to navigate the software business management system.

In some aspects, vulnerabilities may be delivered via a software business management GUI 400. In some embodiments, the software business management GUI 400 may communicate the total number of vulnerabilities in the entire software portfolio and allow organizations to search for specific vulnerabilities. In some implementations, the system may allow users to delegate the work of addressing vulnerabilities to track and ensure the vulnerabilities are being addressed. In some aspects, the system may display a remediation panel, which may communicate the average time taken to resolve vulnerabilities found.

In some embodiments, a software business management GUI 400 may illustrate information related to software development lifecycle (SDLC). In some aspects, in places where the organization may not be performing well, the system may use alerts and icons to make clear that something is not performing as expected or within acceptable parameters. In some embodiments, this may allow technology leaders to focus their time on the areas of the software development organization that most need attention first.

Referring now to FIG. 5, an exemplary software business management graphical user interface (GUI) 500 is illustrated. In some aspects, a software business management GUI 500 may present detailed monitoring visualizations 510 for one or more of the organization applications and filter or view options 520 that may allow a user or organization to customize the visualization. The software business management GUI 500 may comprise a secondary visualization 530, which may allow a user to view limited details for a large selection of organization applications.

Companies that have custom software may require an ever-growing list of tools to be successful and efficient. The landscape of tools may constantly grow and change, as the field progresses. In some embodiments, the software business management system may adapt, evolve, and grow with the industry.

In some aspects, the software business management system may utilize a two-stage data warehouse, wherein data from the external data sources may be pulled into the first stage of the data warehouse. This may both capture the data in its native form and ensure that if the tool goes down, or goes away, the data that was previously generated by that tool, software, or platform may still be accessible, which may be critical to long term analytics, through updates or firmware, or by predictive or prescriptive functionality.

In some embodiments, through machine learning, the software business management system may create more efficient software structure on its own or by approval from a user. In some implementations, a software business management system may write code to implement on its own based on prior builds. For example, custom software implemented within an organization may cause more system crashes than prior builds did. A software business management system, using former code, may create lines of code to solve the crashing issue based on a more stable build, or by discovering and writing code for what may be a more stable build. In some aspects, a software business management system may generate lines of code for a software engineer who may guide a software business management system in implementation or on what problems to solve. In some embodiments, a software business management system may detect software decay and develop code to ensure the continued viability of the affected software.

Generally, over time, companies and organizations may lose historical data when the organization changes tools. For example, if a company has been using one product for project management, but changed over to a second product for similar functionality, companies may lose the historical data from the original product, making it difficult to measure the whole history of the projects and difficult to compare the effectiveness of the two products. In some aspects, the software business management system may capture the core data components in the first stage of the warehouse, making it easy for clients to change tools without losing their history.

Customarily, software tools use their own language and terminology and organization may differ between tools. In some embodiments, the software business management system may create a translation of the languages and terminology, wherein the translation may allow for a one to one comparison of effectiveness and efficiency between software. In some aspects, the software business management system may establish baseline standards of technical cost, quality, risks, and vulnerabilities of a software portfolio. In some embodiments, the baseline may be based on the custom needs and efficiency goals of a particular organization. In some aspects, a general baseline may initially establish baselines across an industry, platform type, or specific applications, as non-limiting examples. A general baseline may evolve over time, adapting to input goals or machine learning from organizational changes.

In some embodiments, artificial intelligence and machine learning may be utilized to dynamically present analytic reporting and insights to a user. In some embodiments, correlations in the data across platforms may allow users to review analytics without requiring separate access to each application in the software portfolio.

In some aspects, general external data sources may be pulled into the data warehouse, wherein the two-stage warehouse system may limit vulnerability to security breaches and loss of historical data. In some embodiments, security mechanisms may be integrated into the software business management system, such as limiting storage of user credentials to external services in the database and instead creating authentication tokens or encrypting API keys, personal access tokens, or passwords in the database, such as through AES encryption. In some implementations, traffic from the software business management system may be transmitted via API over HTTPS, ensuring that communication is encrypted.

For example, the software business management system login information may utilize secure PBKDF2 hashing of salted passwords so that, in the event one or both databases are compromised, the password may not leak. The database may be transparently encrypted at rest and in transit, as well as the storage account. In some aspects, onsite appliance versions of the software business management system may add another level of security.

Referring now to FIG. 6, an exemplary integration engine 600 for use in a software business management system is illustrated. In some aspects, an integration engine 600 may comprise API-specific integration plug-ins 610, which may be specific to a vendor or platform type. In some embodiments, the integration engine 600 may receive external APIs and data sources 630 from an external source and the integration engine 600 may comprise a normalizer mechanism 620 that may allow for a uniform comparison of analytics and insights over different platforms. In some aspects, the API-specific integration plug-ins 610 may receive and process original external data 615 from an external database, such as an organization database or a vendor database. In some implementations, normalized data 625 may be stored in an inner ring database, wherein the content of the original external data 615 may not be stored, limiting security vulnerability.

Referring now to FIG. 7, an exemplary scanner 700 for use in a software business management system is illustrated. In some embodiments, a scanner 700 may receive source code 705, binaries 710, and configuration 715 from an external source, such as organization applications. In some aspects, the scanner 700 may comprise dependency detection plugins 720, vulnerability detection plugins 730, framework detection plugins 740, and static code analysis plugins 750, as non-limiting examples. In some implementations, the scanner 700 may transmit data to an API 760 of the software business management system.

Referring now to FIG. 8, an exemplary API 800 for use in a software business management system is illustrated. In some aspects, the API 800 may receive data from one or both a scanner 805 or organization applications 810. In some embodiments, the API 800 may comprise a scanner API 820, customer data import API 830, and customer data export API 840, as non-limiting examples. In some implementations, the API 800 may transmit data to a data warehouse 850, which may store analyzed and sorted data for the software business management system.

Referring now to FIG. 9, an exemplary data warehouse 900 for use in a software business management system is illustrated. In some aspects, the data warehouse 900 may comprise a two stage database that may allow for a separate storage for data with differing security needs. Within the data warehouse 900, via the integration engine's normalizer, data may be transformed from its original representation as it was retrieved from an API (“outer ring”) into a common, normalized format 920 (“inner ring”) that may account for discrepancies between varying vendors of external data sources. The normalizer may use extract, transform, and load (ETL) techniques to transform the external data to the normalized form.

For example, original external data 910 may be stored in an outer ring and may be temporarily stored during the analysis and processing, and normalized data 920 may be stored in an inner ring, wherein the content of the original external data 910 may be separated from the normalized data 920 and analytics related to the normalized data 920. In some implementations, the data warehouse 900 may comprise machine learning training data 930, which may allow the software business management system to provide adaptive analysis that may provide more precise and customized insights over time. In some embodiments, machine learning training data 930 may be used to develop intelligent infrastructure for custom software based on analytics, insights, and identified and analyzed inefficiencies, vulnerabilities, software decay, as non-limiting examples. In some aspects, the data warehouse 900 may store user-provided data 940, which may include organization information, profile information, organization application authorization information, as non-limiting examples.
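The outer-ring to inner-ring transformation performed by the normalizer 620 and the vendor-specific plug-ins 610 can be illustrated with a small ETL sketch. This is an added example, not code from the disclosure; the vendor names `tracker_a` and `tracker_b`, their record layouts, and the `WorkItem` schema are hypothetical, and the sample records are constructed.

```python
from dataclasses import dataclass, asdict
from datetime import datetime, timezone


@dataclass(frozen=True)
class WorkItem:
    """Inner-ring record: only the fields needed for cross-vendor comparison."""
    source: str
    item_id: str
    kind: str       # "bug" | "feature" | "task"
    state: str      # "open" | "closed"
    opened_at: str  # ISO 8601, always UTC


def from_tracker_a(raw: dict) -> WorkItem:
    """Plug-in for hypothetical vendor A (string statuses, ISO timestamps)."""
    kind = {"Bug": "bug", "Story": "feature"}.get(raw["issuetype"], "task")
    state = "closed" if raw["status"] in {"Done", "Resolved"} else "open"
    opened = datetime.fromisoformat(raw["created"]).astimezone(timezone.utc)
    return WorkItem("tracker_a", str(raw["key"]), kind, state, opened.isoformat())


def from_tracker_b(raw: dict) -> WorkItem:
    """Plug-in for hypothetical vendor B (labels, booleans, epoch seconds)."""
    labels = raw["labels"]
    kind = "bug" if "bug" in labels else "feature" if "enhancement" in labels else "task"
    state = "closed" if raw["closed"] else "open"
    opened = datetime.fromtimestamp(raw["created_epoch"], tz=timezone.utc)
    return WorkItem("tracker_b", str(raw["id"]), kind, state, opened.isoformat())


PLUGINS = {"tracker_a": from_tracker_a, "tracker_b": from_tracker_b}


def normalize(outer_ring):
    """Map (source, raw) pairs to inner-ring dicts; never copy raw content."""
    inner, rejected = [], []
    for source, raw in outer_ring:
        try:
            plugin = PLUGINS[source]  # KeyError when no plug-in exists
            inner.append(asdict(plugin(raw)))
        except (KeyError, ValueError, TypeError) as exc:
            # Record only the source and error class, not the raw payload.
            rejected.append((source, type(exc).__name__))
    return inner, rejected


# Constructed outer-ring sample: free-text fields may hold sensitive content.
OUTER_RING = [
    ("tracker_a", {"key": "PRJ-12", "issuetype": "Bug", "status": "Done",
                   "created": "2017-04-25T10:00:00+02:00",
                   "description": "token=EXAMPLE-NOT-A-REAL-SECRET in trace"}),
    ("tracker_b", {"id": 981, "labels": ["enhancement"], "closed": False,
                   "created_epoch": 1493107200, "body": "customer contact details"}),
    ("tracker_b", {"id": 982, "labels": []}),  # malformed: missing fields
    ("tracker_c", {"whatever": 1}),            # no plug-in registered
]

if __name__ == "__main__":
    for row in normalize(OUTER_RING)[0]:
        print(row)
```

The two accepted records end up with the same UTC timestamp and vocabulary despite different vendor encodings, and the free-text `description` and `body` fields never reach the inner ring.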

Referring now to FIG. 10, an exemplary analysis engine 1000 for use in a software business management system is illustrated. In some aspects, the analysis engine 1000 may receive data from a data warehouse 1010, which may be external or integrated into the software business management system. In some embodiments, the analysis engine 1000 may comprise data aggregation 1020, simulation 1030, machine learning 1040, and outlier detection 1050, as non-limiting examples. In some implementations, notifications 1070 may be transmitted to designated users, such as executives in an organization. In some aspects, the analysis engine 1000 may receive input from a UI 1060 within the software business management system.

In some embodiments, a UI 1060 may comprise configurable dashboards visualizing key metrics for products and portfolios based on the data in the system. Visualization may include the software business management system score, cost data, budgets, quality analysis, SCA issues, lines of code, hours spent, commits to source code repositories, features, bugs, errors, performance data, frameworks, dependencies, duplicate lines of code, technical debt, communication activity, discussions, attachments, security vulnerabilities, build status and time, number of branches, derived ratios of metrics, ML classifications, team members, key events, and other outputs from the analysis engine 1000. These metrics may be visualized via a display of the metric, on a chart (such as line, bar, pie, etc.), in a table, or otherwise. The UI 1060 may be customized to the needs of the user. The user may change the current time slice to view data in a different time period and compare time periods to one another (i.e. year-over-year).

Referring now to FIG. 11, an exemplary computer device 1100 for use with a software business management system 1145 is illustrated. In some aspects, a computer device 1100 may comprise a display 1130, RAM 1105, and a CPU 1110, which may operate with a display adapter 1115, storage 1120, and network adapter 1125, as non-limiting examples. In some embodiments, the computer device 1100 may receive input commands from an input device 1135, such as a mouse, touchscreen, or keyboard. In some implementations, the computer device 1100 may communicate with the software business management system 1145 through a wired or wireless network 1140. A computer device 1100 that may be capable of accessing a network 1140 may be used to access the software business management system 1145. The computing device 1100 may comprise a CPU 1110 and memory (RAM) 1105 with storage used for temporary files. The computing device 1100 may have a display adapter 1115 and internal or external display 1130 to view the system's UI, wherein the computer device 1100 may support user input 1135 via a touch screen, mouse, or keyboard so the user may interact with the UI. A network adapter 1125 may be used to access the system over the Internet and/or a private network.

Referring now to FIG. 12, an exemplary black box 1200 for use in a software business management system is illustrated. In some aspects, the black box 1200 may be a physical or virtual appliance that may be designed to solve the problem of analyzing source code 1210, limiting the need for the source code 1210 to leave an organization's premises, wherein the black box 1200 may be located behind the organization's firewall 1230, without requiring the organization to install and configure a complex suite of tools.

In some embodiments, the black box 1200 may comprise a build service 1201, a quality analysis service 1202, and software discovery service 1203, which may provide a technology and dependency cataloging utility. In some implementations, the build service 1201 may be configured to pull the source code 1210 from a privately hosted source control repository in the organization's environment or from a cloud-hosted source control provider. In some embodiments, the code may be statistically analyzed for quality and security issues by the quality analysis service 1202.

In some aspects, a software discovery service 1203 may catalog the technologies and dependencies in the application and report its data up to the cloud API 1240 through the firewall 1230. In some implementations, after the build, agents 1204 may pull metadata from the build service 1201, quality analysis service 1202, and SDLC tools 1220 in the environment (such as work item tracking or source control), and may report the metadata up to the cloud API 1240 through the firewall 1230 without the code leaving the environment.

Referring now to FIG. 13, an exemplary processing and interface system 1300 is illustrated. In some aspects, access devices 1315, 1310, 1305, such as a paired portable device 1315 or laptop computer 1310 may be able to communicate with an external server 1325 through a software business management system 1320 through cloud-based communications. The external server 1325 may be in logical communication with a database 1326, which may comprise data related to software identification information and associated profile information. In some embodiments, the external server 1325 may be in logical communication with an additional server 1330, which may comprise supplemental processing capabilities. In some implementations, the external server 1325 may be in logical communication with multiple databases. In some aspects, the software business management system 1320 may be running on an external server 1325.

In some aspects, the server 1325 and access devices 1305, 1310, 1315 may be able to communicate with a cohost server 1340 through a software business management system 1320. The cohost server 1340 may be in logical communication with an internal network 1345 comprising network access devices 1341, 1342, 1343 and a local area network 1344.

CONCLUSION

A number of embodiments of the present disclosure have been described. While this specification contains many specific implementation details, these should not be construed as limitations on the scope of any disclosures or of what may be claimed, but rather as descriptions of features specific to particular embodiments of the present disclosure.

Certain features that are described in this specification in the context of separate embodiments can also be implemented in combination in a single embodiment. Conversely, various features that are described in the context of a single embodiment can also be implemented in combination in multiple embodiments separately or in any suitable sub-combination. Moreover, although features may be described above as acting in certain combinations and even initially claimed as such, one or more features from a claimed combination can in some cases be excised from the combination, and the claimed combination may be directed to a sub-combination or variation of a sub-combination.

Similarly, while operations are depicted in the drawings in a particular order, this should not be understood as requiring that such operations be performed in the particular order shown or in sequential order, or that all illustrated operations be performed, to achieve desirable results. In certain circumstances, multitasking and parallel processing may be advantageous.

Moreover, the separation of various system components in the embodiments described above should not be understood as requiring such separation in all embodiments, and it should be understood that the described program components and systems can generally be integrated together in a single software product or packaged into multiple software products.

Thus, particular embodiments of the subject matter have been described. Other embodiments are within the scope of the following claims. In some cases, the actions recited in the claims can be performed in a different order and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In certain implementations, multi-tasking and parallel processing may be advantageous. Nevertheless, it will be understood that various modifications may be made without departing from the spirit and scope of the claimed disclosure.

What is claimed is:
 1. A software business management system for visualizing and measuring software assets, wherein the system comprises: a discovery tool installable on one or more organization servers, wherein the discovery tool is configured to: access an organization environment; identify a plurality of organization applications; monitor the plurality of organization applications; collect organization application data; an integration engine configured to: convert or translate the organization application data into universal data, wherein the universal data comprises a common format; store the universal data in an external data warehouse; and an analytics engine configured to: access the external data warehouse; and analyze the universal data, wherein an analysis output comprises insights related to the plurality of organization applications, and wherein insights comprise predefined measurements related to one or more cost, quality, risk and security vulnerabilities related to one or more the organization environment or at least a portion of the plurality of organization applications, wherein the analysis comprises identifying outlier data within the universal data and separating the outliers into acceptable departures and unacceptable departures, and wherein the analysis further comprises a software decay assessment of at least one of the plurality of organization applications, wherein the software decay assessment is based at least in part on the outlier data.
 2. The system of claim 1, wherein the organization application data further comprises user-generated data.
 3. The system of claim 1, wherein the discovery tool is further configured to score the plurality of organization applications.
 4. The system of claim 1, wherein the discovery tool is further configured to: identify inventory within the organization environment; monitor the inventory; and collect inventory data.
 5. The system of claim 1, wherein the analysis comprises a performance analysis of at least a portion of the organization applications.
 6. The system of claim 1 further comprising an administrative interface, wherein the analytics engine is further configured to create reports based on the insights, and wherein the reports are viewable in the administrative interface.
 7. The system of claim 1, further comprising at least one authentication mechanism, wherein the at least one authentication mechanism secures a transmission of organization application data from the organization servers to the external data warehouse.
 8. The system of claim 1, wherein the discovery tool is further configured to transmit at least a portion of the organization application data to the external data warehouse.
 9. A method for visualizing and measuring software assets by a software business management system, wherein the method comprises the method steps of: accessing through use of a discovery tool installable on one or more organization servers an organization environment; identifying a plurality of organization applications; monitoring the plurality of organization applications; collecting organization application data; converting or translating through use of an integration engine the organization application data into universal data, wherein the universal data comprises a common format; storing the universal data in an external data warehouse; and analyzing the universal data through use of an analytics engine, wherein an analysis output comprises insights related to the plurality of organization applications, and wherein insights comprise predefined measurements related to one or more cost, quality, risk and security vulnerabilities related to one or more the organization environment or at least a portion of the plurality of organization applications, wherein the analysis comprises identifying outlier data within the universal data and separating the outliers into acceptable departures and unacceptable departures, and wherein the analysis further comprises a software decay assessment of at least one of the plurality of organization applications, wherein the software decay assessment is based at least in part on the outlier data.
 10. The method of claim 9, wherein the organization application data further comprises user-generated data.
 11. The method of claim 9, further comprising the method step of scoring the plurality of organization applications.
 12. The method of claim 9, further comprising the method step of: identifying inventory within the organization environment; monitoring the inventory; and collecting inventory data.
 13. The method claim 9, wherein the analysis comprises a performance analysis of at least a portion of the organization applications.
 14. The method of claim 9 further comprising the method step of creating one or more reports based on the insights, and wherein the reports are viewable in an administrative interface.
 15. The method of claim 9, wherein the accessing occurs through at least one authentication mechanism, wherein the at least one authentication mechanism secures a transmission of organization application data from organization servers to the external data warehouse.
 16. The method of claim 9, further comprising the method step of transmitting at least a portion of the organization application data to the external data warehouse.